ONde estou errando no meu dhcpd.conf???
Ola!!!
Estou configurando o DHCPd mas não estou tendo exito. Aqui esta o dhcpd.conf do meu Slackware 10.2:
ddns-update-style ad-hoc;
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.0.0;
option broadcast-address 10.254.255.255;
option routers 10.254.0.2;
option domain-name-servers 200.253.8.2;
option domain-name "ondarapida.com.br";
subnet 10.254.0.0 netmask 255.255.0.0 {
range 10.254.1.2 10.254.255.2;
}
host admin {
hardware ethernet 00:30:4F:2E:6E:F4;
fixed-address 10.254.2.2;
}
E estsa é a menssagem qeu dá quando executo o dhcpd:
root@PANORAMA:/etc# dhcpd wlan0
Internet Systems Consortium DHCP Server V3.0.3
Copyright 2004-2005 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/sw/dhcp/
Wrote 0 deleted host decls to leases file.
Wrote 0 new dynamic host decls to leases file.
Wrote 0 leases to leases file.
Listening on Socket/wlan0/10.254/16
Sending on Socket/wlan0/10.254/16
root@PANORAMA:/etc# There's already a DHCP server running.
If you did not get this software from ftp.isc.org, please
get the latest from ftp.isc.org and install that before
requesting help.
If you did get this software from ftp.isc.org and have not
yet read the README, please read it before requesting help.
If you intend to request help from the [email protected]
mailing list, please read the section on the README about
submitting bug reports and requests for help.
Please do not under any circumstances send requests for
help directly to the authors of this software - please
send them to the appropriate mailing list as described in
the README file.
exiting.
root@PANORAMA:/etc#
Por favor me ajudem a solucionar este erro!!!!
Obrigado a todos!!!!
Re: ONde estou errando no meu dhcpd.conf???
Eu errei o servidor dhcpd estava roando quando postei aquela msg acima
agora sim, olhem:
root@PANORAMA:/etc# dhcpd wlan0
Internet Systems Consortium DHCP Server V3.0.3
Copyright 2004-2005 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/sw/dhcp/
Wrote 0 deleted host decls to leases file.
Wrote 0 new dynamic host decls to leases file.
Wrote 0 leases to leases file.
Listening on Socket/wlan0/10.254/16
Sending on Socket/wlan0/10.254/16
root@PANORAMA:/etc#
Mas na minha maquina ruindows não consigo pegar um ip automaticamente!!!!
Por favor me ajudem!!!
Re: ONde estou errando no meu dhcpd.conf???
Cara, a saída não acusa nenhum erro, então tente o seguinte:
execute um sniffer no servidro (tcpdump ou iptraf <-- recomendo o último) e verifique se existe tráfego nas portas 68 e 69 em broadcast, caso não exista force a máquina que roda windows a atulaizar as configurações de rede. Caso não funcione, coloque um live-cd na máquina cliente e verifique se esta consegue adquirir um endereço IP. Verifique saída do /var/log/messages por algo errado, as renovações de ip do dhcp ficam lá tb
Re: ONde estou errando no meu dhcpd.conf???
kara eu rodei o iptraf aki no meu servidor e eu vejo que ele recebe solicitações do ip 0.0.0.0:68 para 255.255.255.255:67. Ele faz algumas tentativas e libera para minha maquina cliente o ip 169.254.105.213.
Tenho um firewall rodando na minha maquina vou postar meu rc.firewall aki:
#>>>>>>>>>> Variáveis Gerais
IPT="/usr/sbin/iptables"
SCRIPT="/etc/rc.d/./rc.firewall"
NET="eth0"
LAN="wlan0"
MACLIST="/etc/maclist"
#>>>>>>>>>> Ativando os módulos
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
#>>>>>>>>>> Inicio Script Firewall
case $1 in
start)
echo "Iniciando o Firewall"
#>>>>> Comandos Basicos para o Firewall
$IPT -F
$IPT -t nat -F
$IPT -P FORWARD DROP
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#>>>>> Segurança local
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
$IPT -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
$IPT -A FORWARD -p tcp -m limit --limit 1/s -j ACCEPT
$IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
$IPT -A FORWARD -p tcp --tcp-flags ALL SYN,ACK -j DROP
$IPT -A FORWARD -m unclean -j DROP
#>>>>> Bloqueio de trafego entre clientes
$IPT -A FORWARD -p all -i $LAN -o $LAN -j DROP
#>>>>> Bloqueio de acesso ao servidor
$IPT -A INPUT -i $LAN -s 0/0 -d 10.254.0.2 -p tcp --dport 10000 -j DROP
$IPT -A INPUT -i $NET -s 0/0 -d 200.xxx.xxx.xxx -p tcp --dport 3128 -j DROP
$IPT -A INPUT -i $NET -s 0/0 -d 200.xxx.xxx.xxx -p icmp -j DROP
$IPT -A INPUT -i $NET -s 0/0 -d 200.xxx.xxx.xxx -p udp --dport 33435:33535 -j DROP
#>>>>> Bloqueio de portas de netbios vindos da internet
$IPT -A FORWARD -i $NET -o $LAN -d 0/0 -p tcp -m multiport --dport 135,137,138,139,445 -j DROP
$IPT -A FORWARD -i $LAN -o $NET -d 0/0 -p tcp -m multiport --dport 135,137,138,139,445 -j DROP
$IPT -A FORWARD -i $NET -o $LAN -d 0/0 -p udp -m multiport --dport 135,137,138,139,445 -j DROP
$IPT -A FORWARD -i $LAN -o $NET -d 0/0 -p udp -m multiport --dport 135,137,138,139,445 -j DROP
#>>>>> Liberação dos MAC's dos servidores
$IPT -A FORWARD -i $NET -m mac --mac-source 00:50:73:6B:85:57 -j ACCEPT # Roteador CISCO 2500
$IPT -A FORWARD -i $NET -m mac --mac-source 00:E0:7D:C3:FF:05 -j ACCEPT # Servidor Medical
$IPT -A INPUT -i $NET -m mac --mac-source 00:E0:7D:C3:FF:05 -j ACCEPT # Servidor Medical
$IPT -A INPUT -i $LAN -m mac --mac-source 00:02:6F:32:89:94 -j ACCEPT # Servidor Panorama
#>>>>>>>>>> MACLIST <<<<<<<<<<#
for i in `cat $MACLIST`; do
STATUS=`echo $i | cut -d ';' -f1`
MACSOURCE=`echo $i | cut -d ';' -f2`
IPSOURCE=`echo $i | cut -d ';' -f3`
#>>> Se STATUS = a, então libera
if [ $STATUS = "a" ];then
$IPT -A INPUT -i $LAN -s $IPSOURCE -m mac --mac-source $MACSOURCE -j ACCEPT
$IPT -A FORWARD -i $LAN -s $IPSOURCE -m mac --mac-source $MACSOURCE -j ACCEPT
$IPT -A FORWARD -d $IPSOURCE -s 0/0 -j ACCEPT
$IPT -t nat -A POSTROUTING -s $IPSOURCE/32 -o $NET -j MASQUERADE
#>>> SE STATUS = b, entao bloqueia
else
$IPT -A FORWARD -m mac --mac-source $MACSOURCE -j DROP
$IPT -A INPUT -m mac --mac-source $MACSOURCE -j DROP
fi
done
#>>>>>>>>>> PROXY TRANSPARENTE <<<<<<<<<<#
$IPT -t nat -A POSTROUTING -o $NET -j MASQUERADE
$IPT -t nat -A PREROUTING -i $LAN -p tcp --dport 80 -j REDIRECT --to-port 3128
#>>>>>>>>>> DIVERSOS <<<<<<<<<<#
$IPT -A INPUT -i $NET -s 0/0 -d 200.253.8.5 -p tcp --dport 10000 -j ACCEPT
$IPT -A INPUT -i $NET -s 0/0 -d 200.253.8.5 -p tcp --dport 80 -j ACCEPT
$IPT -A FORWARD -i $LAN -m mac --mac-source FF:FF:FF:FF:FF:FF -j DROP
$IPT -A FORWARD -i $LAN -m mac --mac-source 00:00:00:00:00:00 -j DROP
$IPT -A FORWARD -i $LAN -m mac --mac-source ! FF:FF:FF:FF:FF:FF -j DROP
$IPT -A FORWARD -i $LAN -m mac --mac-source ! 00:00:00:00:00:00 -j DROP
$IPT -A INPUT -i $LAN -m mac --mac-source FF:FF:FF:FF:FF:FF -j DROP
$IPT -A INPUT -i $LAN -m mac --mac-source 00:00:00:00:00:00 -j DROP
$IPT -A INPUT -i $LAN -m mac --mac-source ! FF:FF:FF:FF:FF:FF -j DROP
$IPT -A INPUT -i $LAN -m mac --mac-source ! 00:00:00:00:00:00 -j DROP
$IPT -A FORWARD -i $NET -m mac --mac-source FF:FF:FF:FF:FF:FF -j DROP
$IPT -A FORWARD -i $NET -m mac --mac-source 00:00:00:00:00:00 -j DROP
$IPT -A FORWARD -i $NET -m mac --mac-source ! FF:FF:FF:FF:FF:FF -j DROP
$IPT -A FORWARD -i $NET -m mac --mac-source ! 00:00:00:00:00:00 -j DROP
$IPT -A INPUT -i $NET -m mac --mac-source FF:FF:FF:FF:FF:FF -j DROP
$IPT -A INPUT -i $NET -m mac --mac-source 00:00:00:00:00:00 -j DROP
echo "Firewall Pronto"
;;
stop)
echo "Parando o Firewall"
$IPT -F
$IPT -P INPUT DROP
$IPT -t nat -F
;;
restart)
echo "Reiniciando o Firewall"
$SCRIPT stop
sleep 1
$SCRIPT start
echo "Firewall Reiniciado"
;;
*)
echo "Use $0 start|stop|restart"
;;
esac
Por favor vejam se tem algo errado no meu firewall que impeça o DHCPd funcionar!!!
Grato!!!!
Re: ONde estou errando no meu dhcpd.conf???
essas são as ultimas linha do meu /var/log/messages:
Jun 8 17:44:01 PANORAMA dhcpd: Internet Systems Consortium DHCP Server V3.0.3
Jun 8 17:44:01 PANORAMA dhcpd: Copyright 2004-2005 Internet Systems Consortium.
Jun 8 17:44:01 PANORAMA dhcpd: All rights reserved.
Jun 8 17:44:01 PANORAMA dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Jun 8 17:44:02 PANORAMA dhcpd: Wrote 0 deleted host decls to leases file.
Jun 8 17:44:02 PANORAMA dhcpd: Wrote 0 new dynamic host decls to leases file.
Jun 8 17:44:02 PANORAMA dhcpd: Wrote 0 leases to leases file.
Jun 8 17:44:02 PANORAMA dhcpd: Listening on Socket/wlan0/10.254/16
Jun 8 17:44:02 PANORAMA dhcpd: Sending on Socket/wlan0/10.254/16
Obrigado!!!
